<?php
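// Answer-submission endpoint: authenticates the caller from the `id` and
// `correct` cookies, then stores one answer per user per question and sends
// the browser back to question_detail.php.
//
// Inputs (all client-controlled and therefore untrusted):
//   $_COOKIE['id'], $_COOKIE['correct'], $_GET['questionid'], $_POST['content']
header("Content-type:text/html;charset=utf-8");
require_once("dbtools.inc.php");

// --- Authentication ---------------------------------------------------------
// The id is interpolated into SQL below, so it must be a real integer before
// it gets anywhere near a query string.
$id = filter_var($_COOKIE['id'] ?? null, FILTER_VALIDATE_INT);
$correct_t = $_COOKIE['correct'] ?? '';
if ($id === false || !is_string($correct_t)) {
    header("location:login.php");
    exit;
}

$link = create_connection();
$sql = "select * from users where id=$id and status='normal'";
// `@` kept from the original because execute_sql() is defined in
// dbtools.inc.php and its warning behaviour is not visible here; a warning
// printed before header() would break the redirect.
$result = @execute_sql($link, 'zhihu', $sql);

$row = null;
if ($result instanceof mysqli_result) {
    $row = mysqli_fetch_object($result);
    mysqli_free_result($result);
}

// NOTE(review): the token is an unsalted MD5 of the username plus a constant
// that lives in source control, and it never expires. The scheme is kept only
// so existing cookies stay valid (presumably login.php issues them, confirm);
// it should be replaced with server-side sessions.
//
// A missing user row must be rejected outright: otherwise the expected token
// would be derived from the constant suffix alone. hash_equals() replaces the
// loose `!=`, which is subject to numeric-string type juggling.
$authenticated = is_object($row)
    && isset($row->username)
    && hash_equals(md5($row->username . 'thonsun123'), $correct_t);

if (!$authenticated) {
    if ($link instanceof mysqli) {
        mysqli_close($link);
    }
    header("location:login.php");
    // Without this exit the rest of the script would still run for an
    // unauthenticated request; header() only queues the redirect.
    exit;
}

// --- Request parameters -----------------------------------------------------
// questionid ends up both in SQL and inside an inline <script>, so it is
// accepted only as an integer. Defaults to 1 when absent, as before.
$question_id = filter_var($_GET['questionid'] ?? 1, FILTER_VALIDATE_INT);
if ($question_id === false) {
    mysqli_close($link);
    http_response_code(400);
    exit;
}

$content = $_POST['content'] ?? '';
if (!is_string($content)) {
    // e.g. content[]=... arrives as an array; treat it as no answer.
    $content = '';
}
$addtime = date("Y-m-d H:i:s");

// NOTE(review): this state-changing request carries no CSRF token; consider
// adding one once the site has session support.

// --- One answer per user per question ---------------------------------------
// NOTE(review): check-then-insert is racy under concurrent requests; a unique
// index on (qst_id, users_id) would enforce the rule in the database.
$sql = "select * from answers where qst_id=$question_id and users_id=$id";
$result = execute_sql($link, 'zhihu', $sql);
$already_answered = false;
if ($result instanceof mysqli_result) {
    $already_answered = mysqli_num_rows($result) > 0;
    mysqli_free_result($result);
}

if ($already_answered) {
    mysqli_close($link);
    echo "<script>alert('只能回答一次');window.location.href='question_detail.php?questionid=$question_id';</script>";
    // Stop here: the original fell through and went on to the insert branch.
    exit;
}

if ($content == "") {
    mysqli_close($link);
    echo "<script>alert('回答不能为空');window.location.href='question_detail.php?questionid=$question_id';</script>";
    exit;
}

// --- Store the answer --------------------------------------------------------
// execute_sql() only accepts a finished SQL string, so the free-text field is
// escaped for the connection. This relies on the connection charset being set
// correctly in create_connection() (not visible here, confirm). Prepared
// statements in dbtools.inc.php would be the better long-term fix.
// The stored text is still raw HTML-wise: whatever page renders answers must
// escape it with htmlspecialchars() on output.
$safe_content = mysqli_real_escape_string($link, $content);
$sql = "insert into answers (users_id,qst_id,content,addtime) value ($id,$question_id,'$safe_content','$addtime')";
$inserted = @execute_sql($link, 'zhihu', $sql);

// Presumably execute_sql() returns mysqli_query()'s result, i.e. false on
// failure. Only an explicit false is treated as an error.
if ($inserted === false) {
    mysqli_close($link);
    echo "<script>alert('回复失败');window.location.href='question_detail.php?questionid=$question_id';</script>";
    exit;
}

// Bump the counter only after the answer row exists, so a failed insert
// cannot inflate users.answers.
$sql = "update users set answers=answers+1 where id=$id";
@execute_sql($link, 'zhihu', $sql);

// No mysqli_free_result() here: an INSERT yields a bool, not a result set.
mysqli_close($link);
echo "<script>alert('回复成功');window.location.href='question_detail.php?questionid=$question_id';</script>";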

?>